a3dae56e6f7597e815a75365265cbf8b[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3dae56e6f7597e815a75365265cbf8b.zip
Size

5.5MB
MD5

88594940e24691278defd1b5736ecfb4
SHA1

6debe57291c170a02891227ebd5c1e5a299c498d
SHA256

66d2614c96dddf14fb460dc6e8f2c2d8dc2883b40ef84238dd99909c3805801b
SHA512

ba77a15432091c64d6b61402964cb384fcb65faad8b5b5b65d4270e8a7623e6b03e7c69232e08685709a13fbb8aae1b625f31a754059f151a1ee73a0fb6eb1a4
SSDEEP

98304:d3i//WLpeXAZVK1KjznDTybVBC3yWE/7aN7iQPJfSkLBkKjdSjkHc0oGXtLi:d3iHtXAu1yWbVciDkTlHIsoGdLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b5cbf4edba83c2c00be2c0760bc62bd90028bfdd64074dc1568e9d663910e215

Files

a3dae56e6f7597e815a75365265cbf8b.zip
.zip

Password: infected
b5cbf4edba83c2c00be2c0760bc62bd90028bfdd64074dc1568e9d663910e215
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ